Introducing the new Search Console

By | January 8th, 2018|crawling and indexing, products and services, search console, search queries, sitemaps, webmaster tools|

A few months ago we released a beta version of a new Search Console experience to a limited number of users. We are now starting to release this beta version to all users of Search Console, so that everyone can explore this simplified process of optim...

Comments Off on Introducing the new Search Console

Introducing Rich Results & the Rich Results Testing Tool

By | December 19th, 2017|rich cards, rich results, structured data, webmaster tools|

Over the years, the different ways you can choose to highlight your website's content in search has grown dramatically. In the past, we've called these rich snippets, rich cards, or enriched results. Going forward - to simplify the terminology -  ...

Comments Off on Introducing Rich Results & the Rich Results Testing Tool

#NoHacked 3.0: Fixing common hack cases

By | December 18th, 2017|Uncategorized|

So far on #NoHacked, we have shared some tips on detection and prevention. Now that you are able to detect hack attack, we would like to introduce some common hacking techniques and guides on how to fix them!

  • Fixing the Cloaked Keywords and Links Hack
    The cloaked keywords and link hack automatically creates many pages with nonsensical sentences, links, and images. These pages sometimes contain basic template elements from the original site, so at first glance, the pages might look like normal parts of the target site until you read the content. In this type of attack, hackers usually use cloaking techniques to hide the malicious content and make the injected page appear as part of the original site or a 404 error page.
  • Fixing the Gibberish Hack
    The gibberish hack automatically creates many pages with nonsensical sentences filled with keywords on the target site. Hackers do this so the hacked pages show up in Google Search. Then, when people try to visit these pages, they'll be redirected to an unrelated page, like a porn site for example.
  • Fixing the Japanese Keywords Hack
    The Japanese keywords hack typically creates new pages with Japanese text on the target site in randomly generated directory names. These pages are monetized using affiliate links to stores selling fake brand merchandise and then shown in Google search. Sometimes the accounts of the hackers get added in Search Console as site owners.

Lastly, after you clean your site and fix the problem, make sure to file for a reconsideration request to have our teams review your site.

If you have any questions, post your questions on our Webmaster Help Forums!

Comments Off on #NoHacked 3.0: Fixing common hack cases

Getting your site ready for mobile-first indexing

By | December 18th, 2017|Uncategorized|

When we announced almost a year ago that we're experimenting with mobile-first indexing, we said we'd update publishers about our progress, something that we've done the past few months through public talks in office hours on Hangouts on...

Comments Off on Getting your site ready for mobile-first indexing

#NoHacked 3.0: Tips on prevention

By | December 14th, 2017|Uncategorized|

Last week on #NoHacked, we have shared on hack detection and the reasons why you might get hacked. This week we focus on prevention and here are some tips for you!
  • Be mindful of your sources! Be very careful of a free premium theme/plugin!

    You probably have heard about free premium plugins! If you've ever stumbled upon a site offering you plugins you normally have to purchase for free, be very careful. Many hackers lure you in by copying a popular plugin and then add backdoors or malware that will allow them to access your site. Read more about a similar case on the Sucuri blog. Additionally, even legit good quality plugins and themes can become dangerous if :

    • you do not update them as soon as a new version becomes available
    • the developer of said theme or plugin does not update them, and they become old over time

In any case, keeping all your site's software modern and updated is essential in keeping hackers out of your website.

  • Botnet in wordpress
    A botnetis a cluster of machines, devices, or websites under the control of a third party often used to commit malicious acts, such as operating spam campaigns, clickbots, or DDoS. It's difficult to detect if your site has been infected by a botnet because there are often no specific changes to your site. However, your site's reputation, resources, and data are at risk if your site is in a botnet. Learn more about botnets, how to detect them, and how they can affect your site at Botnet in wordpress and joomla article.
As usual if you have any questions post on our Webmaster Help Forums for help from the friendly community and see you next week!

Comments Off on #NoHacked 3.0: Tips on prevention

A revamped SEO Starter Guide

By | December 12th, 2017|Uncategorized|

There are lots of resources out there to create great websites. Website owners often ask Google what our recommended practices are to make sure great websites are search-engine-friendly. Traditionally, our resources for beginners were the SEO Starter G...

Comments Off on A revamped SEO Starter Guide

Web Design Weekly #302

By | December 11th, 2017|Newsletter|

Joe Lencioni explains the techniques he used to profile Airbnb's listing pages, the tools he used to optimize it and see the scale of the impact it had. Peggy Rayzis walks through a couple of hands-on examples to show you how integrating GraphQL into your application will solve many pain points working with remote data and som much more. Enjoy.

The post Web Design Weekly #302 appeared first on Web Design Weekly.

Comments Off on Web Design Weekly #302

#NoHacked 3.0: How do I know if my site is hacked?

By | December 8th, 2017|#nohacked, hacked sites, nohacked 3.0|

Last week #NoHacked is back on our G+ and Twitter channels! #NoHacked is our social campaign which aims to bring awareness about hacking attacks and offer tips on how to keep your sites safe from hackers. This time we would like to start sharing content from #NoHacked campaign on this blog in your local language!

Why do sites get hacked? Hackers havedifferent motives for compromising a website, and hack attacks can be very different, so they are not always easily detected. Here are some tips which will help you in detecting hacked sites!

  • Getting started:

    Start with our guide "How do I know if my site is hacked?" if you've received a security alert from Google or another party. This guide will walk you through basic steps to check for any signs of compromises on your site.

  • Understand the alert on Google Search:

    At Google, we have different processes to deal with hacking scenarios. Scanning tools will often detect malware, but they can miss some spamming hacks. A clean verdict from Safe Browsing does not mean that you haven't been hacked to distribute spam.

    • If you ever see "This site may be hacked", your site may have been hacked to display spam. Essentially, your site has been hijacked to serve some free advertising.
    • If you see"This site may harm your computer" beneath the site URL then we think the site you're about to visit might allow programs to install malicious software on your computer.
    • If you see a big red screen before your site, that can mean a variety of things:
      • If you see "The site ahead contains malware", Google has detected that your site distributes malware.
      • If you see "The site ahead contains harmful programs", then the site has been flagged for distributing unwanted software.
      • "Deceptive site ahead" warnings indicate that your site may be serving phishing or social engineering. Your site could have been hacked to do any of these things.
  • Malvertising vs Hack:

    Malvertising happens when your site loads a bad ad. It may make it seem as though your site has been hacked, perhaps by redirecting your visitors, but in fact is just an ad behaving badly.

  • Open redirects: check if your site is enabling open redirects

    Hackers might want to take advantage of a good site to mask their URLs. One way they do this is by using open redirects, which allow them to use your site to redirect users to any URL of their choice. You can read more here!

  • Mobile check: make sure to view your site from a mobile browser in incognito mode. Check for bad mobile ad networks.

    Sometimes bad content like ads or other third-party elements unknowingly redirect mobile users. This behavior can easily escape detection because it's only visible from certain browsers. Be sure to check that the mobile and desktop versions of your site show the same content.

  • Use Search Console and get message:

    Search Console is a tool that Google uses to communicate with you about your website. It also includes many other tools that can help you improve and manage your website. Make sure you have your site verified in Search Console even if you aren't a primary developer on your site. The alerts and messages in Search Console will let you know if Google has detected any critical errors on your site.

If you're still unable to find any signs of a hack, ask a security expert or post on our Webmaster Help Forums for a second look.

The #NoHacked campaign will run for the next 3 weeks. Follow us on our G+ and Twitter channels or look out for the content in this blog as we will be posting summary for each week right here at the beginning of each week! Stay safe meanwhile!

Comments Off on #NoHacked 3.0: How do I know if my site is hacked?